使用session实现防止重复登陆

目前我用的是Struts2的拦截器

1:利用拦截器，配置拦截器  在Struts2中配置

<interceptors>
		<interceptor name="loginInterceptor" class="com.bdqn.util.LoginInterceptor"></interceptor>
		<interceptor-stack name="myStack">
			<interceptor-ref name="loginInterceptor"></interceptor-ref>
			<interceptor-ref name="defaultStack"></interceptor-ref>
			<interceptor-ref name="fileUpload">
				<param name="maximumSize">50000000</param>
			</interceptor-ref>
		</interceptor-stack>
	</interceptors>

	<default-interceptor-ref name="myStack"></default-interceptor-ref>

2：建立LoginInterceptor类 extends AbstractInterceptor    

package com.enet.fileter;

import java.net.URLDecoder;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.struts2.ServletActionContext;
import com.enet.action.UsersAction;
import com.enet.entity.Userinfo;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;


public class LoginInterceptor extends AbstractInterceptor {

	@Override
	public String intercept(ActionInvocation invaction) throws Exception {
		// TODO Auto-generated method stub
		HttpSession sessiona = ServletActionContext.getRequest().getSession();
		Map<String,Object> session= invaction.getInvocationContext().getSession();  
		System.out.println(session.toString());
		if(UsersAction.class == invaction.getAction().getClass()){
			 return invaction.invoke();  
		}
		Userinfo sss= (Userinfo)sessiona.getAttribute("user");
		Userinfo ss= (Userinfo) ServletActionContext.getRequest().getSession().getAttribute("user");
		
        if(sessiona.getAttribute("user") != null){  
            return invaction.invoke();  
        }else{  
            //若为空，直接跳转到登陆页面  
            return Action.ERROR;  
        }  
	}
}

PS:这个session获取的是JSP中的值，不是action中的

3：建立一个UserAction，有登陆和登出的方法

public String login(){
		HttpServletRequest httpRequest = ServletActionContext.getRequest();
		HttpSession httpSession = httpRequest.getSession();
		//加密
		user.setPassword(MD5Util.MD5(user.getPassword()));
		//判断用户名密码是否正确，返回这个用户的对象
		Xuser users=biz.getlogin(user);
		//查看是否有用户
		if(users !=null){
             //查看判断是否登陆过
			if(MyHttpSessionListener.OnLineSession.containsKey(users.getLoginname())){
				HttpSession session=MyHttpSessionListener.OnLineSession.get(users.getLoginname());
				if(!httpSession.getId().equals(session.getId())){
					session.invalidate();
				}
			}
			MyHttpSessionListener.OnLineSession.put(users.getLoginname(), httpSession);
			ServletActionContext.getRequest().getSession().setAttribute("user", users);
			return SUCCESS;
		}else{
			return ERROR;
		}
	}
	public String logout(){
		return ERROR;
	}

我是把用户的名称做为KEY保存到Session中，

如今还有会有错误的，由于你没有写MyHttpSessionListener这个类

4：建立MyHttpSessionListener类 implements HttpSessionListener

package com.enet.fileter;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.annotation.WebListener;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;

@WebListener
public class MyHttpSessionListener implements HttpSessionListener {
	public static final Map<String, HttpSession> OnLineSession = new HashMap<String, HttpSession>();
	private int userNumber;
	//获取人数
	@Override
	public void sessionCreated(HttpSessionEvent event) {
		// TODO Auto-generated method stub
		userNumber++;
		event.getSession().getServletContext().setAttribute("userNumber", userNumber);
	
	}

	@Override
	public void sessionDestroyed(HttpSessionEvent event) {
		HttpSession httpSession = event.getSession();
		for (String key : OnLineSession.keySet()) {
			if (httpSession.getId().equals(OnLineSession.get(key).getId())) {
				OnLineSession.remove(key);
				break;
			}
		}
	}

	
}

  PS：这个是清除session中的值，判断key中是否有重复的值